Appl. No. 10/050,648 

Amdt. Dated 09-28-2006 

Reply to Office action of May 2, 2006 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1 . (Currently Amended) A system to uniquely identify a security computing device, 
the security computing device coupled to a computing devic e computer , the computing d e vic e 
computer coupled to a server over a computer network, the system comprising: 

a security computing device separate from the computer connected to the computer over 
a input/output (VP) link, the security computing device including a processor and a secure 
memory coupled to the computing d e vic e, the security computing device storing a serial number 
associated with the security computing device and a user key associated with the serial number 
that is unique to the security computing device in a the secure memory; 

a server coupled to a user information database, the user information database storing a 
plurality of registered serial numbers and a plurality of user keys, each user key being associated 
with one of the plurality of registered serial numbers; 

wherein, when the computing d e vic e computer attempts to log onto the server over the 
computer network, the server: 

requests a serial number from the security computing device , the security 
computing device under the control of the processor to transmit the serial number from the 
secure memory ; 

verifies whether the serial number received from the security computing device is 
stored as one of the plurality of registered serial numbers in the user information database; 

if the serial number is stored within the user information database, the server 
obtains the associated user key and computes a challenge and computes an expected response 
based on the associated user key, the server sends the challenge to the security computing device 
over the computer network , wherein the security computing device under the control of the 
processor computes a response based upon a user key stored in the secure memory of the security 
computing device ; and 

if the server receives a the response back from the security computing device in 
response to the challenge that matches the expected response, the server allows the computing 
d e vice computer to log onto the server. 

2. (Canceled) 

3. (Canceled) 

4. (Currently Amended) The system of claim 1, wherein the expected response 
computed at the server and the response computed at the security computing device, are both 
based on a one-way hashing function of the user key and the challenge. 

5. (Withdrawn) The system of claim 1, wherein the server updates the current date 
at the security device and updates an expiration date at the security device. 
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6. (Withdrawn) The system of claim 1, wherein the server unlocks a security device 
memory of the security device. 

7. (Withdrawn) The system of claim 6, wherein unlocking the security device 
memory of the security device includes the server computing a memory unlock message based 
upon a memory key associated with the serial number of the security device stored at the server, 
sending the memory unlock message to the security device, and if the security device verifies the 
memory unlock message as being valid, the security device unlocks the security device memory. 

8. (Withdrawn) The system of claim 7, wherein the server locks the security device 
memory by sending a memory lock command to the security device. 

9. (Currently Amended) The system of claim 1, wherein the server encrypts an asset 
with an asset key and sends the encrypted asset to the computing devic e computer , the 
computing d e vic e computer storing the encrypted asset. 

10. (Currently Amended) The system of claim 9, wherein the server encrypts the 
asset key with the user key and sends the encrypted asset key to the computing devic e computer , 
the computing d e vice computer storing the encrypted asset key. 

1 1 . (Original) The system of claim 10, wherein encrypting the asset key with the user 
key further comprises encrypting a rental flag identifying whether the associated asset is to be 
rented or purchased. 

12. (Currently Amended) The system of claim 10, wherein the security computing 
device decrypts the asset key that is encrypted with the user key using the user key stored by the 
security computing device. 

13. (Currently Amended) The system of claim 12, wherein the security computing 
device transmits the decrypted asset key to the computing d e vic e computer such that the 
computing d e vic e computer uses the decrypted asset key to decrypt the asset. 

14. (Currently Amended) A method to uniquely identify a security computing device, 
the security computing device coupled to a computing d e vic e computer , the computing d e vic e 
computer coupled to a server over a computer network, the method comprising: 

storing a serial number associated with the security computing device and a user key 
associated with the serial number that is unique to the security computing device in a secure 
memory of the security computing device; 

storing a plurality of registered serial numbers and a plurality of user keys at the server, 
each user key being associated with one of the plurality of registered serial numbers; 

requesting a serial number from the security computing device when the computing 
devic e computer attempts to log onto the server over the computer network , the security 
computing device being separate from the computer and being connected to the computer over 
an input/output (I/O) link, the security computing device operating under the control of a 
processor to transmit the serial number from the secure memory ; 

verifying whether the serial number received from the security computing device is 
stored as one of the plurality of registered serial numbers at the server; 
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if the serial number is stored at the server, 

obtaining the associated user key from the server; 
computing a challenge; 

computing an expected response based on the associated user key; 

sending the challenge to the security computing device over the computer 
network , wherein the security computing device under the control of the processor 
computes a response based upon a user key stored in the secure memory of the 
security computing device ; and 

if the server receives a response back from the security computing 

device in response to the challenge that matches the expected response, 

allowing the computing d e vic e computer to log onto the server. 

15. (Canceled) 

16. (Canceled) 

17. (Currently Amended) The method of claim 14, wherein the expected response is 
computed at the server and the response is computed at the security computing device, both the 
response and the expected response being based on a one-way hashing function of the user key 
and the challenge. 

18. (Withdrawn) The method of claim 14, further comprising updating the current 
date and an expiration date at the security device. 

19. (Withdrawn) The method of claim 14, further comprising unlocking a security 
device memory of the security device. 

20. (Withdrawn) The method of claim 19, wherein unlocking the security device 
memory of the security device includes computing a memory unlock message based upon a 
memory key associated with the security device, sending the memory unlock message to the 
security device, and if the security device verifies the memory unlock message as being valid, 
unlocking the security device memory. 

21 . (Withdrawn) The method of claim 20, further comprising locking the security 
device memory by sending a memory lock command to the security device. 

22. (Currently Amended) The method of claim 14, further comprising encrypting an 
asset with an asset key and sending the encrypted asset to the computing device computer , the 
computing d e vic e computer storing the encrypted asset. 

23. (Currently Amended) The method of claim 22, wherein the asset key is encrypted 
with the user key and the encrypted asset key is sent to the computing devic e computer, the 
computing d e vic e computer storing the encrypted asset key. 

24. (Original) The method of claim 23, wherein encrypting the asset key with the 
user key further comprises encrypting a rental flag identifying whether the associated asset is to 
be rented or purchased. 
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25. (Currently Amended) The method of claim 23, wherein the security computing 
device decrypts the asset key that is encrypted with the user key using the user key stored by the 
security device. 

26. (Original) The method of claim 25, wherein the security computing device 
transmits the decrypted asset key to the computing d e vic e computer such that the computing 
d e vic e computer uses the decrypted asset key to decrypt the asset. 

27. (Withdrawn) A security device to uniquely identify and authenticate a user, the 
security device coupled to a computing device, the computing device coupled to a server over a 
computer network, the server coupled to a user information database, the user information 
database storing a plurality of registered serial numbers and a plurality of user keys, each user 
key being associated with one of the plurality of registered serial numbers, the security device 
comprising: 

a microprocessor; and 

a security device memory, the security device memory storing a serial number associated 
with the security device and a user key associated with the serial number; 

wherein, when the computing device attempts to log onto the server over the computer 
network, the microprocessor operating in conjunction with the security device memory to: 

in response to a request from the sever, transmit the serial number to the 
computing device which is then transmitted to the server; 

in response to a challenge from the server, compute a response based upon the 

user key; and 

transmit the response to the computing device which is then transmitted to the 

server. 

28. (Withdrawn) The security device of claim 27, wherein the serial number and the 
user key are sealed in a secure memory of the security device. 

29. (Withdrawn) The security device of claim 27, wherein the response computed at 
the security device is based on a one-way hashing function of the user key and the challenge. 

30. (Withdrawn) The security device of claim 27, wherein the server encrypts an 
asset with an asset key and sends the encrypted asset to the computing device, the computing 
device storing the encrypted asset, and further the server encrypts the asset key with the user key 
and sends the encrypted asset key to the computing device, the computing device transmitting 
the encrypted asset key to the security device. 

3 1 . (Withdrawn) The security device of claim 30, wherein the microprocessor 
operating in conjunction with the security device memory decrypts the asset key that is encrypted 
with the user key using the user key stored in the security device memory. 

32. (Withdrawn) The security device of claim 3 1 , further comprising transmitting the 
decrypted asset key to the computing device such that the computing device uses the decrypted 
asset key to decrypt the asset. 

33-46. (Canceled) 
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